Latest XenServer and Citrix Hypervisor vulnerabilities #

Citrix released a security update to address vulnerabilities in their XenServer and Hypervisor virtualization products.

Citrix outlines that the following affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and could allow a malicious administrator of a guest VM to cause the host to crash or become unresponsive.

  • CVE-2024-45817 has not been rated, but affects how the state of the system could end up in deadlock due to a recursive call guarded by a mutex on x86's APIC (Advanced Programmable Interrupt Controller) architecture when reporting errors to a status.
In addition to the above, Citrix has indicated that the following vulnerabilities affect XenServer 8 and may allow an attacker on the management network to cause the XenServer host SNMP service to crash or become unresponsive.
  • CVE-2022-24805 is not rated, but affects net-snmp and allows for a classic buffer overflow.
  • CVE-2022-24809 is not rated, but affects net-snmp and allows for a NULL pointer dereference.

Both of these can be triggered by a user with read-only credentials.

What is the impact? #

The vulnerabilities may all be triggered by guest or read-only credentials which increases the likelihood of them occurring.

Are updates or workarounds available? #

Citrix recommends limiting access to management interfaces as well as upgrading to one of the following versions:

How do I find potentially vulnerable systems with runZero? #

From the Asset Inventory, use the following query to locate systems running potentially vulnerable software:

(product:citrix and type:hypervisor) or product:xenserver

Written by Blain Smith

Blain Smith is a Security Research Engineer at runZero. He spent most of his career in cloud and distributed systems for AAA gaming, entertainment, and networking working on some of the most popular games and systems millions of people play and watch daily. He has given numerous talks at conferences such as TEDx, GopherCon, and P99CONF. His shift into infosec has afforded him the ability to apply his distributed systems and networking knowledge to other industries such as IoT and OT.

More about Blain Smith
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

Rapid Response
How to find SuperMicro BMCs
Supermicro released a vulnerability advisory for a critical CVE that allows for remote code execution (CVE-2024-36435). Here's how to find impacted...
Rapid Response
How to find OpenPrinting CUPS services on your network
Several vulnerabilities within OpenPrinting CUPS potentially allow for remote code execution. Here's how to find impacted assets.
Rapid Response
How to find Advantech ADAM devices on your network
Advantech has disclosed multiple vulnerabilities in their ADAM 5000 series Ethernet I/O modules. Here's how to find them on your network.
Rapid Response
How to find VMware vCenter assets on your network
Broadcom has issued a security advisory for two vulnerabilities in VMware vCenter. Here's how to find potentially vulnerable assets with runZero.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved